In Support Incident Tracker (SiT!) 3.67, Load Plugins input in the config.php page is affected by XSS. The XSS payload is, for example, executed on the about.php page.
References
Link | Resource |
---|---|
https://fatihhcelik.blogspot.com/2019/12/support-incident-tracker-xss-in-plugin.html | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2020-01-02T04:30:12
Updated: 2020-01-02T04:30:12
Reserved: 2020-01-02T00:00:00
Link: CVE-2019-20221
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-01-02T14:16:36.863
Modified: 2020-01-03T21:28:22.477
Link: CVE-2019-20221
JSON object: View
Redhat Information
No data.
CWE